During the Hacking Team breach which came to light earlier this week, a large quantity of Hacking Team's internal data was posted online. Some of this data pertained to a 0-day (a vulnerability which the vendor is not aware of) in Adobe Flash (versions 9 through to 18.104.22.168) (CVE-2015-5119) which allows an attacker to execute code on a victims computer if they browse to a website with a malicious flash file embedded.
This morning, OpenSSL released details of a vulnerability (CVE-2015-1793) affecting OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1 for client connections; listening servers are unaffected unless they validate client certificates. Anyone can issue themselves a certificate for any domain and the OpenSSL library will not notice, allowing someone to impersonate a server and pass TLS/SSL based checks. The vulnerability allows an attacker to use a leaf certificate as if they were a Certificate Authority and issue rogue certificates to themselves.
CBS Sunday Morning came to Leviathan in February to discuss how security research and consulting can strengthen both the private and public sector against external security threats with Frank Heidt, our Chief Executive Officer.
Like many others in the security industry I sat down last night to watch the first episode of CSI: Cyber, the latest of the CSI franchises, following the work of special agent Avery Ryan and her team. Special agent Ryan is a CyberPsychologist who heads up the Cyber Crime Division of the FBI.
How we store data---and how we think about keeping our memories available over the long term---has changed in the last few years. The world has become better at keeping data secure and safe by distributing it to multiple continents. However, some leaders are calling for "national Internets"---censored, walled gardens set up to appease special interest groups that range from political factions, to property cartels, to religious police. Other leaders have taken a different tack, called forced localization; rather than blocking your communications, they want to require that all your data (and all the computers that handle it) be inside a single country: theirs, for whichever country they represent. These would be major changes to the structure of the Internet---changes that would harm both businesses and the general public.
Scarcity of cybersecurity experts is a real problem that can be quantified and described---but not one that can easily be solved. Limited resource availability, the basis for our entire economic system, is ordinarily a problem of finding raw materials or advanced machinery, not one of hiring the workers we need to defend our assets---but with more than one million cybersecurity positions unfilled worldwide, currently-identified cybersecurity needs could not be met if every employee at GM, Costco, Home Depot, Delta, and Procter \& Gamble became security experts tomorrow. Those one million positions span all industries, specializations, and requirements, and include approximately 25,000 non-military positions in the United States' federal civil service.
We are pleased to announce the release of our three whitepapers on the value of cloud computing as it relates to security issues around data storage, in the areas of data availability, scarcity of expert security talent, and the infrastructure and hardware investment to set up new data storage solutions.
“That’s where the money is!”
– Attributed to Willie Sutton, Non-Traditional Withdrawals Specialist
Willie Sutton was quoted as having said the above (he denied coining the phrase) in response to the question, “Why do you rob banks?” At the time, it was an obvious choice; in a pre-networked world, value was primarily transmitted by moving physical objects around the world, whether they were bars of precious metals, mineral crystals, or slips of paper. A non-traditional account withdrawal, then, relied on transporting physical objects from point A (a location controlled by the bank) to point B (a location controlled by the attacker).
After creating and using a new exitmap module, I found downloaded binaries being patched through a Tor exit node in Russia. Tor is a wonderful tool for protecting the identity of journalists, their sources, and even regular users around the world; however, anonymity does not guarantee security.